Ahmedabad: The Gujarat Anti-Terrorism Squad (ATS) has apprehended one Jaseem Shahnawaz Ansari from Nadiad and his juvenile accomplice for allegedly carrying out cyberattacks on Indian government websites and sharing posts with anti-India messages. The attacks intensified around the time of Operation Sindoor, India’s military response to the Pahalgam terror incident. The accused also posted screenshots of these attacks on their Telegram channel.

In an official release, the Gujarat ATS stated that, following directives from the Central and State governments to monitor anti-national activities on social media and the dark web, it intensified surveillance through its 24×7 Social Media Monitoring Cell. During this monitoring, officials received intelligence that Jaseem, along with several juveniles in conflict with the law, was operating a Telegram group called ‘AnonSec’, which was allegedly involved in Distributed Denial-of-Service (DDoS) attacks targeting various Indian government websites.

“Based on this tip-off, a team was formed and a detailed investigation was launched. During the probe, the mobile phones of Jaseem and the juvenile were sent to FSL Gandhinagar. It was revealed that they initially created a Telegram channel named ‘EXPLOITXSEC’ and a backup channel called ‘ELITEXPLOIT’, which was later renamed to ‘AnonSec’. The backup channel was meant to continue their activity if the main channel was taken down,” said ATS DIG Sunil Joshi during a press briefing.

The investigation further revealed that both accused, who had failed Class 12, had become proficient in cyber activities over the past 6–8 months. They learned tools and languages such as Python, Pydroid, and Termux through online platforms. Using cloned DDoS tools from GitHub, they altered directories within Termux and Pydroid3 and used websites like checkhost.net to verify the operational status of targeted sites. They then posted screenshots of these results on their Telegram channel to promote their anti-India ideology.

According to ATS, between April and May 2025, the duo carried out over 50 cyberattacks on central and state government websites. They then posted screenshots on the Telegram channel with messages such as: “Several Government sites of India has been touch by AnonSec..!”, “Hi, India we just took down your financial shield and servers.”, and “Hi, India we just took down your shield and servers.”

The senior official further stated that, “On May 7, 2025, in response to Operation Sindoor launched by the Indian government after the Pahalgam terror attack, they escalated their cyberattacks and targeted around 20 websites in a single day. A message posted in the Telegram group read: ‘India may have started it, but we will be the ones to finish it.’ The accused targeted critical sectors like defense, finance, aviation, urban development, and various state government websites.”

As a result, on May 19, 2025, Gujarat ATS registered a case against Jaseem Shahnawaz Ansari and the juvenile under Sections 43 and 66(F) of the Information Technology Act. Jaseem, a resident of K-326, opposite Kalyan Kunj, Majurgam, Mill Road, Nadiad, has been taken into custody.

It is noteworthy that a Distributed Denial-of-Service (DDoS) attack is a cyberattack in which a targeted server or network is overwhelmed with malicious traffic from multiple sources, often using botnets. This flood of traffic overloads the system, rendering it inaccessible to legitimate users. DDoS attacks can disrupt online services, cause financial losses, and damage reputations. DeshGujarat